<?php

/**
 * User Class
 *
 * Class for working with current user
 */
class User {
	
	private $_id = 0;
	private $_login = "guest";
	private $_type = 'guest';
	private $_db;

	function __construct() {
		global $db;
		$this->_db = $db;
		
		/* enter by session */
		if (isset($_SESSION['userId']) && $_SESSION['userId'] != '') {
			$u = $this->_db->getRow("select `login`,`password` from `users` where `id` = '".$_SESSION['userId']."' limit 1");
			
			if (count($u) > 0) {
				$this->login($u['login'],$u['password'],false,true);
			}
		} elseif (isset($_COOKIE['_auhash'])) {
			
			$hash = $_COOKIE['_auhash'];
			$r_user = $this->_db->getRow("select * from `remember_users` where `hash` = '$hash' limit 1");
			if ($r_user) {
				if ($r_user['before_time'] > time()){
					$u = $this->_db->getRow("select `type`,`login`,`password` from `users` where `id` = '".$r_user['user_id']."' limit 1");
					if (count($u) > 0)
						$this->login($u['login'],$u['password'],false,true);
				} else {
					setcookie("_auhash","",-1);
					$this->_db->sendQuery("delete from `remember_users` where `user_id` = '$r_user[user_id]' limit 1");
				}
			}
		}
	}

	public function login($login,$password,$remember=false,$without_pass=false) {

		$l_user = $this->_db->getRow("select `salt` from `users` where `login` = '".$login."' limit 1");
        
		if ($l_user) {
			
			if (!$without_pass) { // enter by login/pass
                $pass = md5(md5($password).$l_user['salt']);
            } else { // enter by session
                $pass = $password;
            }
            
            $query = "select `id`,`type`,`login`
                from `users`
                where
                    `login` = '".$login."' and `password` = '".$pass."'
                limit 1";
            $auth = $this->_db->getRow($query);

            if ($auth) {
				
                $_SESSION['userId'] = $auth["id"];
                $this->_id = $auth["id"];
                $this->_type = $auth["type"];
                $this->_login = $auth["login"];
				
	            // set cookie
				if ($remember) {
					$before = time() + 1209600;
					$hash = md5($auth["login"].$before);
					$user_agent = $_SERVER['HTTP_USER_AGENT'];
					setcookie("_auhash",$hash,$before,"/");
					// remember on 2 week
					$this->_db->sendQuery("insert into `remember_users` values (NULL,'$auth[id]','$hash','$before','$user_agent')");
				}
				
                // update last_time and ip
                $this->_db->sendQuery("update `users` set `last_time` = '".time()."', `last_ip` = '".$_SERVER['REMOTE_ADDR']."' where `id` = '".$auth["id"]."' limit 1");
				
                return $auth["id"];

            } else {
                $this->logout();
            }

		} else {
			$this->logout();
		}

		return false;
	}

	public function logout(){
		$hash = $_COOKIE['_auhash'] ? $_COOKIE['_auhash'] : 0;
		setcookie("_auhash","",-1,"/");
		$user_id = isset($_SESSION['userId']) ? $_SESSION['userId'] : 0;
		$this->_db->sendQuery("delete from `remember_users` where `user_id` = '$user_id' and `hash` = '$hash' limit 1");
		unset($_SESSION['userId']);
	}

	public function id()		{ return $this->_id; }
	public function getLogin()	{ return $this->_login; }
	public function type()		{ return $this->_type; }
	public function isGuest()	{ return ($this->_id == 0); }
	public function isUser()	{ return ($this->_type == 'user'); }
	public function isAdmin()	{ return ($this->_type == 'administrator'); }
}

?>